#encoding: utf-8
class User < ActiveRecord::Base
  cattr_accessor :acceptance #接受协议，注册使用
  cattr_accessor :login_name #登录名
  cattr_accessor :common_user # true or false
  cattr_accessor :c_biz_unit_id #企业id
  cattr_accessor :biz_unit_admin # true or false
  cattr_accessor :c_role_id #角色id

  belongs_to :role
  belongs_to :biz_unit

  has_many :bls

  acts_as_authentic do |c|
    c.logged_in_timeout(20.minutes)
  end


  #根据用户登录名字和角色查找用户
  def self.query_by_login_and_role_id(page, login=nil, role_id=nil)
    condition = '1=1'
    conditions =[]
    conditions << condition
    if login
      condition += " and login like ? "
      conditions << ("%"+login+"%")
    end
    if role_id
      condition += " and role_id=?"
      conditions << role_id
    end
    conditions[0] = condition
    logger.info("query condition #{conditions}")

    rst = User
    if biz_unit_admin
      rst = User.where(:biz_unit_id => c_biz_unit_id)
    elsif common_user
      rst = User.where(:login => login_name)
    end

    rst.where(conditions).paginate(:page => page, :per_page => Constant::PER_PAGE_10)
  end

  #错误信息提示
  def diy_error_msg(attr)
    self.errors[attr].join ','
  end

  #判断当前用户是否是管理员
  def admin?
    self.role.code == Constant::SYS_ADMIN_ROLE_CODE ? true : false
  end

  def biz_unit_admin?
    [Constant::CY_ADMIN_ROLE_CODE, Constant::MOTORCADE_ADMIN_ROLE_CODE, Constant::FORWARD_ADMIN_ROLE_CODE,
     Constant::SHIPOWNER_ADMIN_ROLE_CODE].include?(self.role.code) ? true : false
  end

  def shipper?
    self.role.code == Constant::SHIPPER_ROLE_CODE ? true : false
  end

  def shipowner?
    [Constant::SHIPOWNER_USER_ROLE_CODE, Constant::SHIPOWNER_ADMIN_ROLE_CODE].include?(self.role.code) ? true : false
  end


  def forward?
    [Constant::FORWARD_USER_ROLE_CODE, Constant::FORWARD_ADMIN_ROLE_CODE].include?(self.role.code) ? true : false
  end

  def cy?
    [Constant::CY_USER_ROLE_CODE, Constant::CY_ADMIN_ROLE_CODE].include?(self.role.code) ? true : false
  end

  def motorcade?
    [Constant::MOTORCADE_USER_ROLE_CODE, Constant::MOTORCADE_ADMIN_ROLE_CODE].include?(self.role.code) ? true : false
  end


  before_save :authentic # 就算是用户伪造form提交数据，在保存时也会将重置
  private
  #检验用户保存操作是否合法
  #系统管理员无限制；公司管理员只能操作本单位人员；普通用户只能操作自己信息
  def authentic
    if common_user
      if self.login != login_name
        logger.debug "new modle login name #{self.login}"
        logger.debug "current login name #{login_name}"
        self.errors.add("no right.", "you are trying to modify your login name that is forbidden")
        return false
      end
      #set the user code to common user if code is not right before save to db
      #if self.role.code != Constant::SHIPPER_ROLE_CODE
      #  self.role  = Role.find_all_by_code( Constant::SHIPPER_ROLE_CODE ).first
      #end
      #begin
      if self.role.code != Role.find(c_role_id).code
        self.role = Role.find(c_role_id).code
      end

      #if self.biz_unit.code != Constant::SHIPPER_BIZ_UNIT_CODE
      #  self.biz_unit  =BizUnit.find_all_by_code(Constant::SHIPPER_BIZ_UNIT_CODE).first
      #end
      if self.biz_unit.code != BizUnit.find(c_biz_unit_id).code
        self.biz_unit = BizUnit.find(c_biz_unit_id).code
      end
    end

    if biz_unit_admin
      if self.biz_unit.id != c_biz_unit_id
        self.errors.add("no right.", "you are trying to modify other company's login name that is forbidden")
        return false
      end
      #当前登录是公司管理员，但保存的model中角色不是该公司的普通角色code
      if self.login != login_name and self.role.code != (Role.find(c_role_id).code+"0")
        self.role = Role.find_by_code((Role.find(c_role_id).code+"0")).first
      end
    end

  end
end
